Comments (5)
I just started using this library, and am happy to say that it's working great for me.
I do not believe that there needs to be any special treatment for a file based config and I've outlined my approach below using the library as is (in NPM).
Create a typescript file that exports the config for the EncryptionTransformer
and just use it directly, so in my case i have the following:
encryption-transformer-config.ts
import { environment } from '@server/environment'; // This is a config file that's swapped out based on environment and it uses ENV variables to define certain properties.
export const MyEncryptionTransformerConfig = {
key: environment.secret,
algorithm: 'aes-256-cbc',
ivLength: 16
};
And i use it by importing into my entity
MyEntity.ts
... // Other imports for entity stuff here.
import { MyEncryptionTransformerConfig } from '@server/encryption-transformer-config';
import { EncryptionTransformer } from 'typeorm-encrypted/lib/transformer'; // My IDE (Webstorm) complained when using 'typeorm-encrypted'
export class MyEntityWithEnc extends BaseEntity {
...
@Column({
type: 'text',
transformer: new EncryptionTransformer(MyEncryptionTransformerConfig)
})
secretField1: string;
}
This allows me to use a unified configuration based on secrets that i'm already using in other places within my application and I can quickly change out config values across the platform for testing.
You could also easily add overrides per entity, imagine i added a second property to the above entity.
... // imports and what-not from above
export class MyEntityWithEnc extends BaseEntity {
...
@Column({
type: 'text',
transformer: new EncryptionTransformer({...MyEncryptionTransformerConfig, ivLength: 32})
})
secretField2: string;
The power of the spread operator allows a ton of flexibility when dealing with these use cases.
from typeorm-encrypted.
I agree that file based config seems unnecessary and outside the scope of the library IMO.
Also it guides library consumers to wrong security decisions. I don't think you should be storing encryption keys in files anyways.
from typeorm-encrypted.
@Destreyf awesome! I think it makes sense to add this to the README as a guideline on how to handle secrets for this library.
from typeorm-encrypted.
@moltar and @Destreyf let's adjust this issue to be a README update based on guidance from @Destreyf
from typeorm-encrypted.
@generalpiston This can be closed.
from typeorm-encrypted.
Related Issues (20)
- Invalid IV length HOT 4
- [Question, help needed] How to properly retain encryption keys? HOT 3
- Create a CLI tool for adding or swapping keys to an encrypted column HOT 1
- Abandoned? HOT 1
- Doesnt work inside QueryBuilder HOT 4
- Exception occurres when use FindOperator. HOT 4
- It doesn't encrypt the default value of the column HOT 2
- Issue with finding values with encrypted data HOT 17
- fix issue HOT 1
- json supprot HOT 1
- Support for typeorm 0.3 HOT 8
- Return undefined instead of null
- Peer dependencies TypeORM HOT 1
- [Question] How is key rotation handled? HOT 5
- Document how to perform key rotation
- The first argument must be of type string or an instance of Buffer, ArrayBuffer, or Array or an Array-like Object. Received undefined HOT 1
- Like operator not supported
- typeorm encryption nopt working in case of unique true column HOT 3
- conditionally encryption columns HOT 3
- Decrypting data externally
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from typeorm-encrypted.